Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 4.0
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Hitachi Cosminexus Server Web 01-01 1
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
7.5
CVSSv2
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
7.8
CVSSv2
CVE-2005-4216
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote malicious users to cause a denial of service (application crash) via a malformed request with a single character to port 1111.
Macromedia Flash Media Server 2.0
Macromedia Flash Media Server 2.0 R1145
1 EDB exploit
7.8
CVSSv2
CVE-2005-3901
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows malicious users to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).
Macromedia Flash Communication Server 1.5
Macromedia Flash Communication Server 1.0
4.3
CVSSv2
CVE-2003-0208
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote malicious users to insert arbitrary Javascript via the clickTAG field.
Macromedia Flash
7.5
CVSSv2
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and previous versions allows remote malicious users to execute arbitrary via an HTTP GET request with a long .jsp file name.
Macromedia Jrun
6.4
CVSSv2
CVE-2000-0539
Servlet examples in Allaire JRun 2.3.x allow remote malicious users to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
Macromedia Jrun 2.3
5
CVSSv2
CVE-2000-0540
JSP sample files in Allaire JRun 2.3.x allow remote malicious users to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
Macromedia Jrun 2.3
2.1
CVSSv2
CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
Macromedia Coldfusion 6.1
5
CVSSv2
CVE-2005-1022
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote malicious users to obtain sensitive information.
Macromedia Coldfusion 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »